Effective as of May 24, 2018


This Privacy Policy provides for terms and conditions under which Cromos Pharma LTD, a legal entity registered and operating at Suite 40, the Guinness Enterprise Centre, Taylors Lane, Dublin 8, Ireland, and its affiliates worldwide (“Cromos Pharma”) processes personal data.

We are committed to ensure that your privacy is protected and personal data in processed in full compliance with applicable legislation.

Cromos Pharma may act as the data controller for the processing of personal data for the purposes described herein, as well as be engaged as data processor by its counterparties based on agreements with them. For any matters connected with this Privacy Policy, please contact us to the following address: privacy@cromospharma.com.

Types of collected information

We may collect the following information about you:

• name and family name, job title and information concerning your organization;
• contact details, including phone number, e-mail address, social media/messaging service (Skype, WhatsApp, etc.) accounts and numbers;
• cookies, information concerning your usage of our website www.cromospharma.com (“Web-Site”), and other information related to customer surveys, or
• information regarding your age, residential address, passport/ID details, job experience, education, marital status, bank account and other information provided by you within employment application process, business correspondence with us, and/or for purposes of contract execution.

Purposes of Data Processing

Based on our legitimate interest, and unless you have specifically limited usage of your personal data when providing it to Cromos Pharma, we will use your personal data in the scope not exceeding reasonably necessary for particular purpose, as follows:

• to support internal record keeping in respect of our clients, vendors, employees and service providers to execute and perform contract concluded with you, as well as to promote our services and products to increase sales;
• to support our potential and current client database for providing you with targeted services and products, receiving feedback on your interest towards our service and products;
• to support our potential and current vendor database for requesting services and products from you;
• to provide your data to state authorities in cases specifically introduced by applicable legislation based on executed contract (employment, tax, and other mandatory rules);
• in case of your specific consent thereto, to send promotional email, presentations, service proposals, special offers, newsletters, business initiatives, and other information we think you may find interesting using provided contact details;
• to evaluate your personal information and propose collaboration (employment, engagement, etc.) using provided contact details and related personal data, and
•to customize our website and services according to your interests

No automated decision making (profiling, etc.) is being carried out by Cromos Pharma. We shall not use any source of the personal data other than information provided by the data subject directly, or made available to the public in a legal manner.

Categories of Recipients of the Personal Data

Your personal data may be transferred for processing to the following third parties:

• Cromos Pharma group companies and affiliates, as well as partner firms engaged in joint or partnership activities with Cromos Pharma (in the scope not exceeding necessary for your performance for such third parties);
• Cromos Pharma accounting, HR, legal, IT, data centers and other service providers acting on the basis of agreement, and
• Cromos Pharma customers, agents, contractors and other counterparties solely for the purposes of due fulfillment of our contract with you, and under terms and condition thereof.

Your personal data may be transferred to third parties outside the USA and the European Union on condition Cromos Pharma adopts all necessary safeguards to ensure safety of personal data (including usage of Standard Contractual Clauses as set forth by EU Commission, implementation of technical and organizational security measures, and other reasonable measures). Upon your request the information on safeguards adopted for transfer of your personal data can be provided.

Data Subject Rights

You have the following rights in regard to your personal data:
• right of access which means the right to know whether data concerning you is being processed and to access it;
• right to rectification by means of providing a supplementary statement about missing, incomplete or incorrect information;
• right to erasure or right to be forgotten, among others if personal data has been made public;
• right to require restriction of processing in cases provided by law;
• right to be informed;
• right to data portability;
• right to object to personal data processing to be done or going on;
• right to withdraw consent for personal data processing, and
• other rights provided by applicable legislation.

To exercise your rights please contact privacy@cromospharma.com.

Personal Data Retention Period

Your personal data will be retained for 5 years after the last contract, unless otherwise provided by the applicable legislation, or unless we have received your request for erasure of your personal data or restrictions of processing thereof in accordance with the applicable legislation.

Marketing

We do not collect any contact information and we will never send you any direct communication.

You have the right to view, amend, or delete the personal information that we hold about you. To request access please contact privacy@cromospharma.com. We will provide the information free of charge and within one month, except in the event that the request is unfounded, excessive or repetitive, in which case we reserve the right to charge a proportionate administration fee or refuse.

Rectification of personal information

If any of the information we hold on you is inaccurate or incomplete, you may ask us to correct or complete it at any time.

Your right of erasure, or to be forgotten

You may request the deletion of any email we hold on you at any time.

Be aware that requesting deletion, unlike unsubscribing from specific emails, is total and irreversible. This means that we will also lose record of you having ever been on our systems, including any previous instructions you have given us opting out of specific emails types. If you re-join our systems, by voluntarily providing your personal information, you will appear to us as a completely new data subject. This does not affect your other rights in any way.

To request deletion of your personal information, contact privacy@cromospharma.com using the email address we hold for you or otherwise proving your identity.

Cookies Policy

Cookies are very small text files that are stored on your computer when you visit some websites. Website servers set cookies to help authenticate the user if the user logs in to a secure area of the website. Login information is stored in a cookie so the user can enter and leave the website without having to re-enter the same authentication information over and over.

You can choose to accept or decline cookies. Most browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. Please note that this may prevent you from taking full advantage of the website.

Our Web-site uses Google analytics cookies to monitor traffic levels, search queries and visits to our website, namely: “_ ga” cookie for user identification.

Links to Other Web Sites

This Privacy Policy does not cover the links within our Web-site linking to other websites. Those sites are not governed by this Privacy Policy, and if you have questions about how a site uses your information, you will need to check that site’s privacy statement.

Security

We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

Changes to this Privacy Policy

Cromos Pharma may change this Policy from time to time by updating this page. This policy is effective from 24th May 2018.